diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7b78f3f..354100e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,12 @@ and understanding.
+## [v0.56.0](https://github.com/phylum-dev/phylum-ci/compare/v0.55.0...v0.56.0) (2024-12-13)
+
+### Features
+
+* Automatically analyze newly created projects ([#514](https://github.com/phylum-dev/phylum-ci/pull/514)) ([`2683fe4`](https://github.com/phylum-dev/phylum-ci/commit/2683fe4d1f4f972a3c9bcd606936ed7726438272))
+
## [v0.55.0](https://github.com/phylum-dev/phylum-ci/compare/v0.54.0...v0.55.0) (2024-12-05)
### Features
diff --git a/docs/img/phylum-ci_options.svg b/docs/img/phylum-ci_options.svg
index b58e71a..1cbb04e 100644
--- a/docs/img/phylum-ci_options.svg
+++ b/docs/img/phylum-ci_options.svg
@@ -19,535 +19,535 @@
font-weight: 700;
}
- .terminal-19171772-matrix {
+ .terminal-2288683325-matrix {
font-family: Fira Code, monospace;
font-size: 20px;
line-height: 24.4px;
font-variant-east-asian: full-width;
}
- .terminal-19171772-title {
+ .terminal-2288683325-title {
font-size: 18px;
font-weight: bold;
font-family: arial;
}
- .terminal-19171772-r1 { fill: #c5c8c6 }
+ .terminal-2288683325-r1 { fill: #c5c8c6 }
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
- phylum-ci options
+ phylum-ci options
-
+
-
- $ phylum-ci --help
-usage: phylum-ci [-h] [-V] [-v | -q] [-d [DEPFILE ...]] [-e [EXCLUDE ...]]
- [-a] [-f] [-k TOKEN] [-p PROJECT] [-o ORG] [-g GROUP] [-s]
- [--fail-incomplete | --audit] [--ignore-errors] [-r VERSION]
- [-t TARGET] [-u URI] [-i]
-
-Use Phylum to analyze dependencies in a CI environment
-
-options:
- -h, --help show this help message and exit
- -V, --version show program's version number and exit
- -v, --verbose Increase output verbosity (the maximum is -vvv)
- (default: 0)
- -q, --quiet Decrease output verbosity (the maximum is -qq)
- (default: 0)
-
-Dependency File Analysis Options:
- -d [DEPFILE ...], --depfile [DEPFILE ...]
- Path to package dependency file(s) (lockfiles or
- manifests) to analyze. If not specified here or in the
- `.phylum_project` file, an attempt will be made to
- automatically detect the file(s). Some dependency file
- types (e.g., Python/pip `requirements.txt`) are
- ambiguous in that they can be named differently and
- may or may not contain strict dependencies. In these
- cases, it is best to specify an explicit dependency
- file path. (default: None)
- -e [EXCLUDE ...], --exclude [EXCLUDE ...]
- Gitignore-style exclusion patterns. Ignored when
- dependency files are specified explicitly by argument.
- Specify patterns in quotes to prevent shell globbing.
- Patterns are applied relative to working directory.
- (default: None)
- -a, --all-deps Specify this flag to consider all dependencies in
- analysis results instead of just the newly added ones.
- This is especially useful for manifest files where
- there is no companion lockfile (e.g., libraries).
- (default: False)
- -f, --force-analysis Specify this flag to force analysis, even when no
- dependency file has changed. This flag is implicitly
- set when *any* manifest is included, to maximize the
- chance that updated dependencies are accounted.
- (default: False)
- -k TOKEN, --phylum-token TOKEN
- Phylum user token. Can also specify this option's
- value by setting the `PHYLUM_API_KEY` environment
- variable. The value specified with this option takes
- precedence when both are provided. Leave this option
- and it's related environment variable unspecified to
- either (1) use an existing token already set in the
- Phylum settings file or (2) manually populate the
- token with a `phylum auth login` or `phylum auth
- register` command after install. (default: None)
- -p PROJECT, --project PROJECT
- Name of a Phylum project to create and use to perform
- the analysis. Can also specify this option's value in
- the `.phylum_project` file. The value specified with
- this option takes precedence when both are provided. A
- deterministic project name will be used when neither
- are provided. (default: None)
- -o ORG, --org ORG Optional organization name. Can also specify this
- option's value in the Phylum settings file:
- https://docs.phylum.io/cli/commands/phylum_org_link.
- The value specified with this option takes precedence
- when both are provided. When an org is specified, a
- group name must also be specified. Orgs require a paid
- account: https://phylum.io/pricing (default: None)
- -g GROUP, --group GROUP
- Optional group name, which will be the owner of the
- project. Can also specify this option's value in the
- `.phylum_project` file. The value specified with this
- option takes precedence when both are provided. Group
- will be created if it does not already exist. Groups
- require a paid account: https://phylum.io/pricing
- (default: None)
-
-Output Modification Options:
- -s, --skip-comments Specify this flag to disable posting comments/notes on
- pull/merge requests. This flag is implicitly set when
- audit mode is enabled. (default: False)
- --fail-incomplete Specify this flag to set a failure code when some
- analysis results are unknown. Useful in environments
- where strictness is desired to prevent adding any new
- dependency until it passes established policy.
- (default: False)
- --audit Specify this flag to enable audit mode: analysis is
- performed but results do not affect the exit code.
- (default: False)
- --ignore-errors Specify this flag to ignore non-analysis warnings and
- errors that would otherwise affect the exit code.
- (default: False)
-
-Phylum CLI Options:
- Use the options here to control the Phylum CLI version in use during
- analysis. Examples of when this may be useful are: for troubleshooting,
- maintaining a consistent evironment, ensuring the latest version, or
- reverting to a previous version when the installed one causes an issue.
-
- -r VERSION, --phylum-release VERSION
- The version of the Phylum CLI to install. Can be
- specified as `latest` or a specific tagged release,
- with or without the leading `v`. Default behavior is
- to use the installed version and fall back to `latest`
- when no CLI is already installed. (default: None)
- -t TARGET, --target TARGET
- The target platform type where the CLI will be
- installed, defaulting to current detected platform.
- (default: x86_64-unknown-linux-gnu)
- -u URI, --api-uri URI
- URI of Phylum API instance to use. Can also specify
- this option's value by setting the `PHYLUM_API_URI`
- environment variable. The value specified with this
- option takes precedence when both are provided. When
- not specified, the CLI will use the default value for
- the PRODUCTION instance for new installs and the
- existing value in the Phylum settings file when
- available. Example: specify
- 'https://api.staging.phylum.io' to point to the
- STAGING instance. Hint: ensure the value for
- `--phylum-token` is correct for the instance specified
- here. (default: None)
- -i, --force-install Specify this flag to ensure the specified Phylum CLI
- release version is the one that is installed.
- Otherwise, any existing version will be used.
- (default: False)
+
+ $ phylum-ci --help
+usage: phylum-ci [-h] [-V] [-v | -q] [-d [DEPFILE ...]] [-e [EXCLUDE ...]]
+ [-a] [-f] [-k TOKEN] [-p PROJECT] [-o ORG] [-g GROUP] [-s]
+ [--fail-incomplete | --audit] [--ignore-errors] [-r VERSION]
+ [-t TARGET] [-u URI] [-i]
+
+Use Phylum to analyze dependencies in a CI environment
+
+options:
+ -h, --help show this help message and exit
+ -V, --version show program's version number and exit
+ -v, --verbose Increase output verbosity (the maximum is -vvv)
+ (default: 0)
+ -q, --quiet Decrease output verbosity (the maximum is -qq)
+ (default: 0)
+
+Dependency File Analysis Options:
+ -d [DEPFILE ...], --depfile [DEPFILE ...]
+ Path to package dependency file(s) (lockfiles or
+ manifests) to analyze. If not specified here or in the
+ `.phylum_project` file, an attempt will be made to
+ automatically detect the file(s). Some dependency file
+ types (e.g., Python/pip `requirements.txt`) are
+ ambiguous in that they can be named differently and
+ may or may not contain strict dependencies. In these
+ cases, it is best to specify an explicit dependency
+ file path. (default: None)
+ -e [EXCLUDE ...], --exclude [EXCLUDE ...]
+ Gitignore-style exclusion patterns. Ignored when
+ dependency files are specified explicitly by argument.
+ Specify patterns in quotes to prevent shell globbing.
+ Patterns are applied relative to working directory.
+ (default: None)
+ -a, --all-deps Specify this flag to consider all dependencies in
+ analysis results instead of just the newly added ones.
+ This is especially useful for manifest files where
+ there is no companion lockfile (e.g., libraries).
+ (default: False)
+ -f, --force-analysis Specify this flag to force analysis, even when no
+ dependency file has changed. Implicitly set for newly
+ created projects or when *any* manifest is included,
+ to account for possible dependency updates. (default:
+ False)
+ -k TOKEN, --phylum-token TOKEN
+ Phylum user token. Can also specify this option's
+ value by setting the `PHYLUM_API_KEY` environment
+ variable. The value specified with this option takes
+ precedence when both are provided. Leave this option
+ and it's related environment variable unspecified to
+ either (1) use an existing token already set in the
+ Phylum settings file or (2) manually populate the
+ token with a `phylum auth login` or `phylum auth
+ register` command after install. (default: None)
+ -p PROJECT, --project PROJECT
+ Name of a Phylum project to create and use to perform
+ the analysis. Can also specify this option's value in
+ the `.phylum_project` file. The value specified with
+ this option takes precedence when both are provided. A
+ deterministic project name will be used when neither
+ are provided. (default: None)
+ -o ORG, --org ORG Optional organization name. Can also specify this
+ option's value in the Phylum settings file:
+ https://docs.phylum.io/cli/commands/phylum_org_link.
+ The value specified with this option takes precedence
+ when both are provided. When an org is specified, a
+ group name must also be specified. Orgs require a paid
+ account: https://phylum.io/pricing (default: None)
+ -g GROUP, --group GROUP
+ Optional group name, which will be the owner of the
+ project. Can also specify this option's value in the
+ `.phylum_project` file. The value specified with this
+ option takes precedence when both are provided. Group
+ will be created if it does not already exist. Groups
+ require a paid account: https://phylum.io/pricing
+ (default: None)
+
+Output Modification Options:
+ -s, --skip-comments Specify this flag to disable posting comments/notes on
+ pull/merge requests. This flag is implicitly set when
+ audit mode is enabled. (default: False)
+ --fail-incomplete Specify this flag to set a failure code when some
+ analysis results are unknown. Useful in environments
+ where strictness is desired to prevent adding any new
+ dependency until it passes established policy.
+ (default: False)
+ --audit Specify this flag to enable audit mode: analysis is
+ performed but results do not affect the exit code.
+ (default: False)
+ --ignore-errors Specify this flag to ignore non-analysis warnings and
+ errors that would otherwise affect the exit code.
+ (default: False)
+
+Phylum CLI Options:
+ Use the options here to control the Phylum CLI version in use during
+ analysis. Examples of when this may be useful are: for troubleshooting,
+ maintaining a consistent evironment, ensuring the latest version, or
+ reverting to a previous version when the installed one causes an issue.
+
+ -r VERSION, --phylum-release VERSION
+ The version of the Phylum CLI to install. Can be
+ specified as `latest` or a specific tagged release,
+ with or without the leading `v`. Default behavior is
+ to use the installed version and fall back to `latest`
+ when no CLI is already installed. (default: None)
+ -t TARGET, --target TARGET
+ The target platform type where the CLI will be
+ installed, defaulting to current detected platform.
+ (default: x86_64-unknown-linux-gnu)
+ -u URI, --api-uri URI
+ URI of Phylum API instance to use. Can also specify
+ this option's value by setting the `PHYLUM_API_URI`
+ environment variable. The value specified with this
+ option takes precedence when both are provided. When
+ not specified, the CLI will use the default value for
+ the PRODUCTION instance for new installs and the
+ existing value in the Phylum settings file when
+ available. Example: specify
+ 'https://api.staging.phylum.io' to point to the
+ STAGING instance. Hint: ensure the value for
+ `--phylum-token` is correct for the instance specified
+ here. (default: None)
+ -i, --force-install Specify this flag to ensure the specified Phylum CLI
+ release version is the one that is installed.
+ Otherwise, any existing version will be used.
+ (default: False)
diff --git a/pyproject.toml b/pyproject.toml
index 3a30395..221ce56 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -6,7 +6,7 @@ build-backend = "poetry.core.masonry.api"
[tool.poetry]
name = "phylum"
-version = "0.55.0"
+version = "0.56.0"
description = "Utilities for integrating Phylum into CI pipelines"
license = "GPL-3.0-or-later"
authors = ["Phylum, Inc. "]